Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
opsdemon
Latest posts
What Is Penetration Testing?
Penetration testing, also referred to as pen testing, is a simulation of a cyber attack that organizations conduct to identify security vulnerabilities within their systems. By finding weaknesses through a simulated cyber attack, organizations can pinpoint areas that need improvement before a cybercriminal can exploit them. Penetration testing helps organizations address issues in their systems to prevent unauthorized access, meet compliance requirements and minimize the risk of phishing attacks.
Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector
A new survey of hackers shows that AI is not only empowering hackers to be more effective, but that AI itself is “ripe for exploitation.” Rarely do we get to ask a hacker “what do you think” when it comes to cyber attacks, cybersecurity efforts, and what they think the future will hold. But Bugcrowd’s 2024 Inside the Mind of a Hacker Report (which surveyed 1300 hackers) hosts a treasure trove of data around how hackers see AI and the value it brings.
Why a Zero Trust Architecture Must Include Database Security
Whether the means of a cyber-attack are phishing, ransomware, advanced persistent threat, malware, or some combination, the target is ultimately the same: your data. So, as companies seek to implement a zero-trust approach to security, they would do well to include database protection. Interest in Zero Trust is certainly high, with nearly two-thirds (63%) of organizations worldwide having implemented a zero-trust strategy, according to a recent Gartner survey. But it is hardly all-encompassing.
Datadog Integration for Access Requests
See how to set up the Datadog Integration for Access Requests, new in Teleport 17. Notify the right team members immediately through Datadog incidents so users can get just-in-time access to critical resources.
Securing Remote Access: Best Practices for Third-Party Risk Management
The physical location of users has become less and less important in conducting business, with the drawback that it creates new, persistent threats to organizations. You know that. You may not know that remote access to IT and business-critical systems is not a new concept. It’s been around since the late 1980s.
MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack
Our stack to go from experimenting to production won't have any more secrets for you.
CIS Control 11: Data Recovery
Data loss can be a consequence of a variety of factors from malicious ransomware to hardware failures and even natural disasters. Regardless of the reason for data loss, we need to be able to restore our data. A data recovery plan begins with prioritizing our data, protecting it while it is being stored, and having a plan to recover data.
75% of Black Friday Spam Emails Are Scams
Three out of four Black Friday-themed spam emails are scams, according to researchers at Bitdefender. Most of these scams are targeting users in the US and Europe. “This year, 77% of all Black Friday-themed spam (by volume) analyzed by Bitdefender’s Antispam Lab team was classified as scams, while only 22% was identified as marketing lures—emails designed to drive traffic to legitimate but overly aggressive promotions,” the researchers write.
CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution
On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. This widely used open-source file archiving software enables remote actors to perform remote code execution (RCE) on vulnerable 7-Zip versions. This vulnerability was originally discovered earlier this year and was reported to 7-Zip in June 2024.
What are the consequences of losing Active Directory (AD)?
Did you know that 54% of breaches result from stolen or hacked credentials, according to DHS and CISA? Active Directory (AD) is a prime target for attackers, and compromising it can lead to catastrophic consequences for any organization. In this video, we dive into: Why AD is a prime target: Once compromised, attackers gain "the keys to the kingdom" and access to your entire enterprise. The hidden threat: Attackers can remain undetected in your network for up to 10 days, extracting sensitive information. On average, a data breach costs an organization around $4.4 million.